CVE-2026-27540

Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture woocommerce-wholesale-lead-capture allows Using Malicious Files.This issue affects Woocommerce Wholesale Lead Capture: from n/a through = 2.0.3.1...

CVE-2026-20622

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to capture a user's screen...

CVE-2026-20622

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to capture a user's screen...

CVE-2026-20622

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to capture a user's screen...

EUVD-2026-15037

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to capture a user's screen...

CVE-2026-20622

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to capture a user's screen...

CVE-2026-20622

CVE-2026-20622 concerns a privacy issue in macOS where improved handling of temporary files could allow an app to capture a user’s screen. Concrete details across multiple sources show this impacts macOS Sequoia prior to 15.7.4 and macOS Tahoe prior to 26.3, with Apple’s advisory listing 15.7.4/2...

Environment-Grounded Multi-Agent Workflow for Autonomous Penetration Testing

The increasing complexity and interconnectivity of digital infrastructures make scalable and reliable security assessment methods essential. Robotic systems represent a particularly important class of operational technology, as modern robots are highly networked cyber-physical systems deployed in...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. A security vulnerability exists in Apple macOS Sequoia prior to 15.7.4 and Tahoe prior to 26.3, which can be exploited by an attacker to cause an application to capture the user's screen...

EUVD-2026-14399

A vulnerability was detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this issue is some unknown functionality of the component Bluetooth Handler. Performing a manipulation results in authentication bypass by capture-replay. The attack must originate from the local network. Th...

CVE-2026-4583

A vulnerability was detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this issue is some unknown functionality of the component Bluetooth Handler. Performing a manipulation results in authentication bypass by capture-replay. The attack must originate from the local network. Th...

CVE-2026-4583

A vulnerability was detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this issue is some unknown functionality of the component Bluetooth Handler. Performing a manipulation results in authentication bypass by capture-replay. The attack must originate from the local network. Th...

CVE-2026-4583

The CVE-2026-4583 entry affects Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N, specifically a vulnerability in the Bluetooth Handler that enables authentication bypass via capture-replay. The attack is reported to originate from the local network and has high complexity; exploitation is described ...

CVE-2026-4583 Shenzhen HCC Technology MPOS M6 PLUS Bluetooth authentication replay

A vulnerability was detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this issue is some unknown functionality of the component Bluetooth Handler. Performing a manipulation results in authentication bypass by capture-replay. The attack must originate from the local network. Th...

PT-2026-27106

Name of the Vulnerable Software and Affected Versions Shenzhen HCC Technology MPOS M6 PLUS version 1V.31-N Description The Bluetooth Handler component in Shenzhen HCC Technology MPOS M6 PLUS version 1V.31-N contains a flaw that allows authentication bypass via capture-replay attacks originating...

AI in Cybersecurity Education -- Scalable Agentic CTF Design Principles and Educational Outcomes

Large language models are rapidly changing how learners acquire and demonstrate cybersecurity skills. However, when human--AI collaboration is allowed, educators still lack validated competition designs and evaluation practices that remain fair and evidence-based. This paper presents a...

CTF As a Service: A Reproducible and Scalable Infrastructure for Cybersecurity Training

Capture The Flag CTF competitions have established themselves as a highly effective pedagogical tool in cybersecurity education, offering students hands-on experience in realistic attack and defense scenarios. However, organizing and hosting these events requires considerable infrastructure effor...

STRIATUM-CTF: A Protocol-Driven Agentic Framework for General-Purpose CTF Solving

Large Language Models LLMs have demonstrated potential in code generation, yet they struggle with the multi-step, stateful reasoning required for offensive cybersecurity operations. Existing research often relies on static benchmarks that fail to capture the dynamic nature of real-world...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

🔥 Solar Exploiting Log4j - TryHackMe Walkthrough 📌 Room: S...

Fullchain 访问控制错误漏洞

Fullchain is an open-source CTF competition platform developed by CTFer.io. Versions of Fullchain prior to 0.1.1 contained access control vulnerability issues. These vulnerabilities were caused by incorrect network policy configurations, and could lead to lateral movement attacks...